We’ve got the latest scoop on the T-Mobile hacking incident from a few weeks ago. As it turns out, T-Mobile will be facing a series of class action lawsuits filed by at least three customers. The customers accused the company of negligence after their personal data were exposed by hackers.
The three lawsuits have been filed in a district court, each demanding jury trials. Out of the three lawsuits, two accused T-Mobile of violating the US Federal Trade Commission (FTC) Act, which hinders companies from engaging in “unfair or deceptive” activities. And this apparently included their failure to maintain sufficient security measures to keep their customers’ information safe and secure.
One of the filings showed an FTC-provided guideline that advised businesses to not maintain personally identifiable information that was “longer than is needed for authorisation of a transaction.”
In addition to this, one of the class action lawsuits accuse T-Mobile of violating the California Consumer Privacy Act. This act assigns a specific penalty to a company who allows unauthorised access to the data of their customers. The penalty is set between $100 and $750 per consumer/incident, or actual damages, whichever is greater.
The recent cybersecurity incident allowed hackers to access the names, social security numbers, driver license numbers, and birth dates of around 48 million customers in total. Out of that number, 40 million previously applied for credit and may fall under the coverage of the FTC law.
After the hack was revealed, T-Mobile announced that it was fully cooperating with the ongoing investigation of law enforcement agencies. Since then, a 21-year-old hacker, named John Binns, has claimed responsibility for the incident. T-Mobile has not confirmed this yet.
Source: Mobile World Live